A group comprised of Cal State Fullerton students, faculty, guests from local industries and organizations and engineering scholars gathered at the Fullerton Holiday Inn on Thursday to discuss the nation’s issue of cyber security and what individuals and companies can do to assess these problems.
Dean Raman Unnikrishnan of Cal State Fullerton’s College of Engineering and Computer Science said they host four technical breakfasts each year.
“CSUF is looking at cyber security as an area of focus,” said Unnikrishnan, who also announced that the college is making steps toward hiring in the field of cyber security.
Ron Williamson, Ph.D., senior engineering fellow with Raytheon Network Centric Systems, was the appointed lecturer at the second ECS breakfast this year.
Raytheon, one of the world’s leading weapons manufacturers, is a large supporter of the College of Engineering and Computer Science, said Hart Roussel, director of development at the college.
Roussel noted that some 30 percent of Raytheon employees are CSUF alumni.
“Cyber is an exciting area and it’s a very nervous area to get into in terms of the vulnerabilities we all experience across the board,” said Williamson, who has more than 30 years of experience in aerospace informational systems and software engineering.
“Obviously the cyber risks we run into are pervasive. How do we assure the availability of energy resources to support our day-to-day operations? What do we do about it, how do we defend ourselves, what are the processes involved, and how do we handle it from a risk-management perspective?” Williamson said.
Williamson described a variety of threat vectors, including both viruses and objects in the physical world, such as squirrels and rodents, that can impact the infrastructure.
“Some of the cyber attackers out there are taking advantage of understanding the physical limitations and the lack of resiliency in our physical infrastructure is and be able to remotely attack those physical mechanisms and bringing down the grid,” Williamson said.
A typical company’s annual security budget is $344.6 million to stop only 95 percent of threats, said Williamson, who added that not all threats can be averted.
Job opportunities are growing in the cyber security sector for students and scholars. Williamson said the coined term for the career in this special field is “cyber warrior.”
“All of our companies and governments are looking for hiring cyber warriors who would be able to defend natural resources from cyber attacks,” Williamson said.
Williamson said there are vulnerabilities in the power grid exploitable to weather and animals. Cyber attackers are aware of these vulnerabilities and realize they do not have to be physically at a power station to break into the infrastructure.
Williamson said cyber attacks and physical attacks are no longer separate from each other.
“We’re not just talking about the hacker coming in and allocating critical safety, critical data, they’re actually causing kinetic effects on mechanisms,” he said.
According to Williamson, technology is making advances toward web enabling energy sources such as utilities, railroads, transportation and pipelines.
Although there is economic value in this system it also introduces vulnerabilities in the system because “any type of remote access is an attack vector possibility,” he said.
Viruses, worms, Trojan horses and blended threats do not all attack and destroy. Some are stealthy to monitor and find vulnerabilities, Williamson said.
Some ways to prevent infrastructure impacts are to track the movement of USB flash drives, monitor changes in library files and to not reuse the default administrator password.
“The bottom line is: Know your enemy and know yourself,” Williamson said.